Model-Based Threat Analysis and Risk Assessment - Automotive
Version 24.2.6 (6.07 MB) by
Martin Becker
This add-on provides templates to perform Threat Analysis and Risk Assessment (TARA) for automotive software informed by ISO/SAE 21434:2021
Model-Based Threat Analysis and Risk Assessment - Automotive Template
This add-on provides a template for model-based cybersecurity threat and risk analysis (TARA) by leveraging Simulink® Fault Analyzer™. You can use this add-on to identify security threats, evaluate their risks, and allocate security goals.
The ISO®/SAE® 21434:2021 standard informs this template.
Use this add-on to perform these workflows:
1. Create detailed, extensible, and customizable threat meta-models.
- Links to model artifacts and requirements to analysis spreadsheets.
- Validate analysis spreadsheets to identify model and requirement incompletenesses and inconsistencies.
- Write custom analysis and validation functions with the power of MATLAB®.
2. Establish traceability from your model to risks and countermeasures.
- Identify vulnerabilities and assign security goals/countermeasures to your model.
- Trace relationships in your meta-model.
3. Develop your system in tandem with your risk analyses.
- Identify new assets in your model.
- Perform staleness checks on model artifacts.
- Detect changes to model artifacts.
4. Gather security guidance:
- Leverage the STRIDE model to find assets and threats.
- Perform dominance analysis on scenarios.
5. Integrate with other MathWorks products.
- Perform additional safety analyses (HARA and FTA) by using Simulink Fault Analyzer and link safety impacts to the security analysis.
- Simulate attacks (attack library, non-intrusive).
- Simulate countermeasures and determine their effectiveness (e.g., ID(P)S).
- Build end-to-end tracability from high-level requirements to source code.
This add-on supports these methods for feasibility estimation:
- Attack Vector (ISO/SAE 21434:2021 G.4)
- Attack Potential (ISO/SAE 21434:2021 G.2)
This add-on supports these methods for threat enumeration:
- STRIDE by element
Required Products
This add-on requires these products:
- MATLAB — R2024b or later
- Simulink
- System Composer™
- Simulink Fault Analyzer
- Requirements Toolbox™
- MATLAB Report Generator™
- Simulink Report Generator™
Installation
To install this add-on, use one of these options:
- If you already have the mltbx-file, open it in MATLAB.
- Otherwise, use the Add-Ons panel in MATLAB. To open the Add-Ons panel, click the Add-Ons icon on the left sidebar of the desktop. If the Add-Ons icon is not on the sidebar, click the Open more panels button and select the Add-Ons panel.
How to get started
To get started, see doc/GettingStarted.mlx, available via the Add-Ons browser.
Best Practices
- To validate each spreadsheet, define only one validation callback per spreadsheet. Reporting functions use this configuration.
- When you run the validation callback on a spreadsheet, do not use the callback to change the values in the spreadsheet.
- The validation callback should be the last custom callback in the callback list. When you organize the callbacks this way, the validation callback executes after the other custom callbacks. You can then use the validation callback to validate the results of previous callbacks.
- If you want to link one cell in spreadsheet A to another cell or row in spreadsheet B:
- Define a separate column "LinkToB" in spreadsheet A and link from the cells in that column. You can see the link as a "property" of the row in spreadsheet A.
- Link to a *row* in spreadsheet B, not a cell. This link refers to the full row in B. Additionally, you can reduce the number of columns that you need in spreadsheet B.
- Hide columns with labels that start with an underscore. The add-on programmatically updates these columns.
- If you want to make these columns visible, add a derived column that displays the value. Derived columns are read-only.
Troubleshooting
If the add-on disappears after restarting MATLAB: This happens when your pathdef.m is read-only. First, find the file by running this command:
`````````````````````````````````````````````
which -all pathdef
`````````````````````````````````````````````
If pathdef.m is in your installation directory, it is likely causing your problem.
To fix this issue, perform one of these tasks:
- Install the add-on in admin mode.
- Run the command 'savepath' after installation.
If you use this approach, you can optionally provide a path in a directory that does not require admin rights.
Community Support
https://www.mathworks.com/matlabcentral
Copyright 2025 The MathWorks, Inc.
Cite As
Martin Becker (2025). Model-Based Threat Analysis and Risk Assessment - Automotive (https://ch.mathworks.com/matlabcentral/fileexchange/181901-model-based-threat-analysis-and-risk-assessment-automotive), MATLAB Central File Exchange. Retrieved .
MATLAB Release Compatibility
Created with
R2025a
Compatible with R2024b and later releases
Platform Compatibility
Windows macOS LinuxTags
Community Treasure Hunt
Find the treasures in MATLAB Central and discover how the community can help you!
Start Hunting!Discover Live Editor
Create scripts with code, output, and formatted text in a single executable document.
+tara
+tara/+functions
+tara/+types
+tara/example
+tara/example
doc
| Version | Published | Release Notes | |
|---|---|---|---|
| 24.2.6 |
|
You can also select a web site from the following list
Americas
- América Latina (Español)
- Canada (English)
- United States (English)
Europe
- Belgium (English)
- Denmark (English)
- Deutschland (Deutsch)
- España (Español)
- Finland (English)
- France (Français)
- Ireland (English)
- Italia (Italiano)
- Luxembourg (English)
- Netherlands (English)
- Norway (English)
- Österreich (Deutsch)
- Portugal (English)
- Sweden (English)
- Switzerland
- United Kingdom(English)
Asia Pacific
- Australia (English)
- India (English)
- New Zealand (English)
- 中国
- 日本Japanese (日本語)
- 한국Korean (한국어)